Tagged articles

2149 articles

Page 21 of 22

May 11, 2017 · Cloud Computing

Design and Implementation Principles for Private Cloud Architecture

This article explains the fundamental principles, security considerations, and cloud‑native design of private cloud infrastructure, covering stability, scalability, redundancy, storage options, network architecture, authentication, encryption, resource pooling, SLA management, and example OpenStack designs to guide practical implementation.

OpenStackSecuritycloud architecture

0 likes · 46 min read

Design and Implementation Principles for Private Cloud Architecture

Tencent Architect

May 5, 2017 · Operations

Automation and Operational Management for Large-Scale Infrastructure at the Architecture Platform

The article explains how the Architecture Platform team builds a comprehensive, automated operations system—including CMDB, cost budgeting, monitoring, permission management, self‑service tools, and mobile access—to safely and efficiently manage tens of thousands of servers and massive storage services.

AutomationCMDBInfrastructure

0 likes · 14 min read

Automation and Operational Management for Large-Scale Infrastructure at the Architecture Platform

21CTO

Apr 29, 2017 · Backend Development

Designing High‑Performance, Scalable Web Architecture: Key Principles

This article explains how to design a high‑traffic website architecture by layering the system, addressing performance, availability, scalability, extensibility, and security, and outlines metrics and testing methods for ensuring reliable, fast, and secure operation.

BackendScalabilitySecurity

0 likes · 10 min read

Designing High‑Performance, Scalable Web Architecture: Key Principles

Tencent Music Tech Team

Apr 28, 2017 · Mobile Development

Analysis and Implementation of Android APK Signature Scheme v2

The article explains Android’s APK Signature Scheme v2—introduced in Android Studio 2.2—its performance and integrity benefits over v1, details the signing block structure and verification steps, and demonstrates how to embed and retrieve custom channel data within the v2 block while preserving successful verification.

APKAndroidGradle

0 likes · 14 min read

Analysis and Implementation of Android APK Signature Scheme v2

MaGe Linux Operations

Apr 24, 2017 · Information Security

How a Redis Server Got Hijacked and What You Can Do to Prevent It

This article recounts a Redis server hijacking incident, details the step‑by‑step investigation and remediation process, and offers practical security recommendations to protect Redis deployments on Linux environments.

IntrusionSecurityinformation security

0 likes · 7 min read

How a Redis Server Got Hijacked and What You Can Do to Prevent It

ITPUB

Apr 24, 2017 · Information Security

Which Linux Commands Can Wipe Your System and How to Stay Safe

The article lists a series of Linux commands that can permanently delete files, format disks, or overload system resources, explains why they are dangerous, and provides practical tips such as avoiding root for daily work, verifying command purpose, using trusted sources, and regularly backing up data.

PreventionSecurityShell

0 likes · 7 min read

Which Linux Commands Can Wipe Your System and How to Stay Safe

Alibaba Cloud Developer

Apr 18, 2017 · Information Security

Mastering CDN HTTPS: Architecture, Optimization, and Best Practices

This article explains how modern websites rely on HTTPS and CDN, details SSL/TLS and HTTP/2 fundamentals, describes Alibaba Cloud's CDN HTTPS architecture, dynamic certificate management, key‑server solutions, optimization techniques, and practical guidance for deploying HTTPS end‑to‑end.

CDNHTTP/2HTTPS

0 likes · 13 min read

Mastering CDN HTTPS: Architecture, Optimization, and Best Practices

MaGe Linux Operations

Apr 15, 2017 · Information Security

Boost Your Linux Security: Essential Commands and Best Practices

This article provides a comprehensive, step‑by‑step guide to hardening a Linux system, covering console restrictions, password policies, sudo alerts, SSH tuning, Tripwire intrusion detection, firewalld and iptables management, compiler restrictions, immutable files, SELinux auditing with aureport, and the sealert tool.

HardeningSELinuxSSH

0 likes · 14 min read

Boost Your Linux Security: Essential Commands and Best Practices

Tongcheng Travel Technology Center

Apr 14, 2017 · Information Security

Implementing a Lightweight User Authentication Mechanism for Hadoop at Tongcheng Travel

This article describes the design, implementation, and deployment of a custom Hadoop security solution that introduces username‑password authentication via RPC, integrates a new protobuf protocol, modifies NameNode behavior, and provides rollout tools to secure a large‑scale shared Hadoop cluster without service interruption.

AuthenticationHadoopKerberos

0 likes · 9 min read

Implementing a Lightweight User Authentication Mechanism for Hadoop at Tongcheng Travel

MaGe Linux Operations

Apr 9, 2017 · Operations

Ansible vs SaltStack: Which Automation Tool Wins for Secure, Fast Ops?

An in‑depth comparison of Ansible and SaltStack evaluates response speed, security, maintenance overhead, and syntax readability, concluding that despite slower performance, Ansible’s superior security and simpler operations make it the preferred automation solution for large‑scale, especially financial, environments.

AnsibleMicroservicesSaltStack

0 likes · 9 min read

Ansible vs SaltStack: Which Automation Tool Wins for Secure, Fast Ops?

Architecture Digest

Apr 5, 2017 · Backend Development

Design Patterns and Essential Elements of External Payment System Interfaces

The article reviews common payment channels such as Alipay, WeChat Pay, and point‑deduction models, analyzes their interface designs, security checks, and optional steps, and summarizes the mandatory API and security components required for robust payment system integration.

AlipayBackendPayment Integration

0 likes · 7 min read

Design Patterns and Essential Elements of External Payment System Interfaces

MaGe Linux Operations

Apr 2, 2017 · Information Security

How to Harden Linux Servers: Disable Root, Use Private Users, and Secure SSH

This guide explains why absolute security is impossible, describes common attack vectors against SSH, and provides step‑by‑step techniques for disabling root logins, configuring sudo, creating private service users, tightening file permissions, and removing unused accounts to harden Linux servers.

$rootSSHSecurity

0 likes · 15 min read

How to Harden Linux Servers: Disable Root, Use Private Users, and Secure SSH

Architects Research Society

Mar 31, 2017 · Fundamentals

The State of IoT Standards: Challenges, Alliances, and Future Directions

The article examines the fragmented landscape of Internet of Things (IoT) standards, highlighting the lack of a universal protocol, the proliferation of competing alliances such as Thread, AllJoyn, IoTivity, the Industrial Internet Consortium, ITU‑T SG20, IEEE P2413, and Apple HomeKit, and discusses the security, interoperability, and market adoption challenges that determine which standards may survive.

InteroperabilityIoTProtocols

0 likes · 11 min read

The State of IoT Standards: Challenges, Alliances, and Future Directions

Efficient Ops

Mar 30, 2017 · Operations

Why Ops Engineers Are Always the Scapegoat—and How to Turn That Into Value

The article reflects on the challenges faced by operations engineers in small companies, illustrating why they often become scapegoats, and offers practical advice on learning, risk control, communication, and disaster‑recovery drills to increase their value and effectiveness.

OperationsSecuritylearning

0 likes · 18 min read

Why Ops Engineers Are Always the Scapegoat—and How to Turn That Into Value

MaGe Linux Operations

Mar 30, 2017 · Information Security

25 Essential Linux Hardening Tips to Boost System Security

Discover 25 practical Linux hardening techniques—from BIOS protection and minimal package installation to SELinux configuration, firewall rules, and user account management—that help system administrators strengthen security, prevent attacks, and maintain a resilient, well‑configured server environment.

HardeningPassword policySELinux

0 likes · 14 min read

25 Essential Linux Hardening Tips to Boost System Security

MaGe Linux Operations

Mar 27, 2017 · Information Security

Top 10 Enterprise Linux Server Security Practices You Must Implement

This guide outlines ten essential security measures for enterprise Linux servers, covering password management, network service restriction, user account controls, root privilege handling, logging, firewall and IDS integration, vulnerability tracking, and regular patch updates to strengthen system protection.

SecurityServerfirewall

0 likes · 14 min read

Top 10 Enterprise Linux Server Security Practices You Must Implement

360 Zhihui Cloud Developer

Mar 23, 2017 · Information Security

Secure Elasticsearch with Search Guard: Step‑by‑Step Installation & Configuration Guide

This article provides a comprehensive, step‑by‑step tutorial on installing and configuring Search Guard for Elasticsearch, covering feature overview, version compatibility, downloading required packages, local installation commands, SSL/TLS certificate generation, and detailed security settings to protect both transport and REST layers.

ElasticsearchInstallationSSL/TLS

0 likes · 11 min read

Secure Elasticsearch with Search Guard: Step‑by‑Step Installation & Configuration Guide

Baidu Intelligent Testing

Mar 15, 2017 · Information Security

Comprehensive Guide to Android Application Security Scanning and Reverse Engineering

This article provides a step‑by‑step tutorial on setting up the development environment, installing essential tools, and performing APK reverse engineering and security analysis on Android applications, covering JDK, SDK, NDK, Apktool, Dex2jar, JD‑GUI, IDA, WinHex, and Eclipse.

APKAPKToolAndroid

0 likes · 16 min read

Comprehensive Guide to Android Application Security Scanning and Reverse Engineering

DevOps Coach

Mar 11, 2017 · Cloud Native

Why Containers Power Cloud‑Native Success: Packaging, Efficiency, and Security

The article explains three core reasons why containers excite developers—packaging and portability, resource efficiency, and security boundaries—then expands on self‑service infrastructure, cluster benefits, and the evolving relationship between containers and virtual machines in cloud‑native environments.

ContainersDevOpsSecurity

0 likes · 7 min read

Why Containers Power Cloud‑Native Success: Packaging, Efficiency, and Security

MaGe Linux Operations

Mar 6, 2017 · Information Security

How I Stopped a Massive Linux DDoS Attack and Eradicated Hidden Rootkits

A remote Ubuntu 12.04 server suffered a sudden 800 MB traffic surge caused by a hidden backdoor that sent continuous HTTP requests to malicious IPs; by analyzing logs, using iftop, netstat, lsof, and replacing compromised tools, the author identified and removed malicious processes, restored normal traffic, and outlined preventive security measures.

Network MonitoringSecurityiptables

0 likes · 9 min read

How I Stopped a Massive Linux DDoS Attack and Eradicated Hidden Rootkits

Tencent Cloud Developer

Mar 3, 2017 · Cloud Computing

Understanding VPC vs Classic Network in Public Cloud

After a mis‑configured security group in a classic network exposed a neighboring Alibaba Cloud user, developers highlighted the risks of shared internal networks and advocated moving to isolated Virtual Private Clouds, which offer customizable subnets, fine‑grained security, hybrid connectivity, and are now favored across major public‑cloud providers.

Network MigrationSecurityVPC

0 likes · 7 min read

Understanding VPC vs Classic Network in Public Cloud

Architecture Digest

Feb 24, 2017 · Backend Development

Designing a Flexible Backend Architecture on Alibaba Cloud for Early‑Stage Projects

This article outlines a cost‑effective, scalable backend architecture built on Alibaba Cloud services—including VPC, RDS, ECS, OSS, and security measures—to support the early stages of a mobile and web application and to enable gradual performance upgrades as traffic grows.

Alibaba CloudBackendRDS

0 likes · 9 min read

Designing a Flexible Backend Architecture on Alibaba Cloud for Early‑Stage Projects

Architecture Digest

Feb 14, 2017 · Frontend Development

Comprehensive Guide to Frontend Optimization: Efficiency, Performance, Stability, Responsiveness, Compatibility, SEO, and Accessibility

This article provides an extensive overview of frontend optimization techniques, covering work efficiency, speed performance, stability, responsive design, cross-browser compatibility, SEO best practices, and accessibility measures, offering practical tools, workflows, and strategies to improve web development productivity and user experience.

Responsive DesignSEOSecurity

0 likes · 27 min read

Comprehensive Guide to Frontend Optimization: Efficiency, Performance, Stability, Responsiveness, Compatibility, SEO, and Accessibility

Efficient Ops

Feb 9, 2017 · Cloud Computing

How Flow‑Based SDN Probes Transform Cloud Network Visibility and Security

This article explores how leveraging Flow technology and software‑defined probes can virtualize, visualize, and secure large‑scale cloud networks, addressing challenges such as scale, VTEP endpoints, traffic complexity, and enabling scalable, intelligent, and fast‑response network analysis.

SDNSecuritycloud networking

0 likes · 9 min read

How Flow‑Based SDN Probes Transform Cloud Network Visibility and Security

Architecture Digest

Feb 6, 2017 · Backend Development

Key Elements and Evolution of Large‑Scale Website Architecture

This article summarizes the evolution, patterns, and five core factors—performance, availability, scalability, extensibility, and security—of large‑scale website architecture, covering server tiers, caching, clustering, load balancing, data redundancy, and security measures.

ScalabilitySecuritycaching

0 likes · 13 min read

Key Elements and Evolution of Large‑Scale Website Architecture

360 Zhihui Cloud Developer

Jan 24, 2017 · Information Security

How to Secure Elasticsearch: Practical Strategies and Free Alternatives to Shield

This article outlines practical Elasticsearch security measures—including network, OS, and server hardening, port obfuscation, and the open‑source Search Guard plugin—to protect clusters from recent hacker attacks that previously compromised MongoDB instances.

ElasticsearchOpen-sourceSearch Guard

0 likes · 7 min read

How to Secure Elasticsearch: Practical Strategies and Free Alternatives to Shield

MaGe Linux Operations

Jan 20, 2017 · Information Security

Master SSH: Install OpenSSH, Configure Clients & Servers, and Apply Best Practices

This guide explains how SSH secures data transfer, details OpenSSH installation on Linux, walks through client and server configuration, demonstrates file transfer with scp and sftp, and lists essential hardening practices for a robust SSH deployment.

Client ConfigurationOpenSSHSSH

0 likes · 5 min read

Master SSH: Install OpenSSH, Configure Clients & Servers, and Apply Best Practices

Architecture Digest

Jan 12, 2017 · Blockchain

Blockchain Technology: Definitions, Applications, and Future Outlook – Interview with Expert Zou Jun

In this interview, blockchain specialist Zou Jun defines blockchain as an immutable, append‑only distributed ledger, explains its technical foundations, compares it with traditional databases, discusses public, consortium and private chain use cases, security concerns, and future prospects beyond finance.

BlockchainConsensusDecentralization

0 likes · 13 min read

Blockchain Technology: Definitions, Applications, and Future Outlook – Interview with Expert Zou Jun

Efficient Ops

Jan 8, 2017 · Databases

Why MongoDB Instances Get Hacked and How to Secure Them on the Cloud

This article explains the root causes of unauthenticated public‑IP MongoDB breaches, outlines UCloud's built‑in security safeguards, and provides step‑by‑step guidance for hardening self‑hosted MongoDB and smoothly migrating it to a cloud‑managed service.

AuthenticationMongoDBSecurity

0 likes · 8 min read

Why MongoDB Instances Get Hacked and How to Secure Them on the Cloud

MaGe Linux Operations

Jan 7, 2017 · Information Security

How to Build a Private CA and Manage SSL Certificates with OpenSSL

This step‑by‑step guide shows how to create a private Certificate Authority, generate self‑signed and server certificates, configure Apache for HTTPS, revoke certificates, update CRLs, and test the setup using OpenSSL and curl on Linux.

ApacheCertificate AuthorityOpenSSL

0 likes · 5 min read

How to Build a Private CA and Manage SSL Certificates with OpenSSL

Node Underground

Jan 4, 2017 · Backend Development

Top Node.js Best Practices for 2017 to Boost Your Backend Skills

This article outlines the most important Node.js best practices for 2017, including adopting ES2015, using Promises, following coding standards, deploying with Docker, monitoring with Prometheus or Trace, enhancing security with checklists, learning micro‑services, attending conferences, semantic versioning, and using LTS releases.

Backend DevelopmentDockerES2015

0 likes · 3 min read

Top Node.js Best Practices for 2017 to Boost Your Backend Skills

Architecture Digest

Jan 2, 2017 · Backend Development

API Design Guidelines for Mobile Applications

This article presents comprehensive API design standards for mobile apps, covering request/response conventions, naming rules, data type handling, security measures, compatibility, performance and user‑experience optimizations, and offers practical examples to help front‑end and back‑end engineers create robust, maintainable interfaces.

BackendJSONSecurity

0 likes · 19 min read

API Design Guidelines for Mobile Applications

Architecture Digest

Jan 1, 2017 · Fundamentals

Python 3.6 Release Highlights and New Features

The Python 3.6 release introduces numerous language enhancements such as f‑strings, variable annotations, underscore separators in numeric literals, async generators, and improved dictionary implementation, along with extensive standard‑library updates, security improvements, Windows encoding changes, performance optimizations, and new C‑API features.

PEPSecurityStandard Library

0 likes · 30 min read

Python 3.6 Release Highlights and New Features

Tencent Cloud Developer

Dec 22, 2016 · Mobile Development

Understanding iOS App Transport Security (ATS) and Deploying HTTPS with SSL Certificates

After Apple’s 2017 ATS enforcement requires all iOS apps to use HTTPS, developers must obtain an SSL certificate—such as a free Let’s Encrypt or Tencent Cloud‑issued GeoTrust certificate—install it on their web server (e.g., Nginx), optionally configure CDN encryption, and verify compliance with Apple’s security checks.

ATSHTTPSMobile Development

0 likes · 12 min read

Understanding iOS App Transport Security (ATS) and Deploying HTTPS with SSL Certificates

ITFLY8 Architecture Home

Dec 19, 2016 · Information Security

Mastering Single Sign-On (SSO): Architecture, Implementation, and Performance Insights

This comprehensive article explores the business need for Single Sign-On, explains its internal ticket‑based mechanisms, presents detailed Web‑SSO and desktop SSO implementations with full source code, analyzes security and performance risks, and offers step‑by‑step deployment guidance for Java/J2EE environments.

J2EESSOSecurity

0 likes · 21 min read

Mastering Single Sign-On (SSO): Architecture, Implementation, and Performance Insights

21CTO

Dec 18, 2016 · Backend Development

How to Design Clean, Stable, and User‑Friendly APIs: Best Practices

Effective API design requires shifting from a developer‑centric mindset to the user’s perspective, emphasizing clear documentation, stability, versioning, flexibility, security, and ease of use, while avoiding unnecessary complexity and ensuring consistent, well‑structured interfaces for diverse clients across web, mobile, and IoT platforms.

DocumentationSecurityVersioning

0 likes · 12 min read

How to Design Clean, Stable, and User‑Friendly APIs: Best Practices

ITFLY8 Architecture Home

Dec 17, 2016 · Information Security

How to Implement Robust Single Sign-On Across Multiple Domains

This article explores various single sign-on strategies—including shared Redis sessions, OpenID-based authentication, cookie-driven OpenID storage, and JSONP cross-domain solutions—detailing their architectures, limitations, and security considerations, and offers practical guidance for building scalable, secure SSO in multi-domain environments.

AuthenticationOpenIDSSO

0 likes · 9 min read

How to Implement Robust Single Sign-On Across Multiple Domains

WeChat Backend Team

Dec 12, 2016 · Information Security

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

This article explains the TLS handshake process, covering server certificate transmission, server key exchange details, certificate request handling, server hello done, client certificate usage, client key exchange mechanisms, RSA premaster secret encryption, Diffie‑Hellman and ECDH key exchanges, and the certificate verify step.

CertificateSecurityTLS

0 likes · 24 min read

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

DevOps

Dec 8, 2016 · Cloud Native

Anchore 2016 Container Technology Survey: Adoption, Security, CI/CD, Orchestration, and OS Trends

The 2016 Anchore survey reveals how organizations of various sizes adopt containers in production and development, highlights security concerns, shows CI/CD tool dominance, compares orchestration platforms, and analyzes host and image operating system preferences, providing a comprehensive view of the container ecosystem.

ContainersOrchestrationSecurity

0 likes · 7 min read

Anchore 2016 Container Technology Survey: Adoption, Security, CI/CD, Orchestration, and OS Trends

Node Underground

Dec 7, 2016 · Backend Development

7 Essential npm Tricks Every Developer Should Know

Discover seven practical npm tips—from listing globally installed packages and enabling command auto‑completion to checking security vulnerabilities, customizing per‑project configs, adjusting log levels, linking local dependencies, and enforcing engine strictness—each designed to streamline your Node.js workflow and boost productivity.

Securitycli tipsnpm

0 likes · 5 min read

7 Essential npm Tricks Every Developer Should Know

Efficient Ops

Nov 28, 2016 · Operations

Essential Ops Insights: Tool Choices, Automation, and Best Practices from a Senior Ops Expert

This article compiles expert Q&A on operations, covering tool selection, monitoring, Linux version choices, automation platforms, security, Docker, backup strategies, and career advice, offering practical guidance for modern infrastructure management.

AutomationOperationsSecurity

0 likes · 19 min read

Essential Ops Insights: Tool Choices, Automation, and Best Practices from a Senior Ops Expert

Hujiang Technology

Nov 9, 2016 · Databases

Risks of Auto‑Increment IDs and Distributed ID Solutions

The article explains how exposing auto‑increment primary keys can leak business information, illustrates the danger with historical examples, and evaluates alternative ID generation strategies such as encoding, UUIDs, and Snowflake‑style distributed IDs, including performance comparisons in MySQL.

Database designSecurityauto_increment

0 likes · 9 min read

Risks of Auto‑Increment IDs and Distributed ID Solutions

Node Underground

Nov 3, 2016 · Backend Development

Top 10 Must‑Know Node.js v6 Features Over v4

Node.js v6 introduces a suite of powerful enhancements over v4, including integrated Chrome DevTools debugging, EventEmitter event introspection, revamped Buffer APIs, unhandled Promise rejection warnings, secure temporary directory creation, symlink preservation, process warning handling, timing-safe crypto, V8 profiling shortcuts, and detailed CPU usage reporting.

Node.jsSecurityperformance

0 likes · 6 min read

Top 10 Must‑Know Node.js v6 Features Over v4

ITPUB

Nov 2, 2016 · Operations

10 Creative Linux Commands to Generate Secure Random Passwords

This guide presents ten distinct Linux command‑line techniques—including SHA‑based hashing, OpenSSL, /dev/urandom filtering, dd, and custom Bash functions—to quickly produce strong, random passwords of configurable length, each illustrated with sample output.

BashSecuritylinux

0 likes · 5 min read

10 Creative Linux Commands to Generate Secure Random Passwords

dbaplus Community

Nov 1, 2016 · Information Security

Exploiting Message Queue Injection to Hijack Distributed Nodes with Celery

The article explains how insecure serialization in message‑queue middleware, especially Python's pickle used by Celery, can be abused to inject malicious payloads that trigger remote code execution on distributed workers, and it demonstrates detection and exploitation techniques against vulnerable Redis and MongoDB brokers.

ExploitMessage QueuePython

0 likes · 17 min read

Exploiting Message Queue Injection to Hijack Distributed Nodes with Celery

360 Zhihui Cloud Developer

Nov 1, 2016 · Databases

Master MongoDB Permission Management: Roles, Users, and Best Practices

This guide thoroughly explains MongoDB's permission system, covering key concepts, role creation, inheritance, privilege assignment, user management, and essential precautions to avoid common security pitfalls and simplify administration.

Database AdministrationMongoDBRoles

0 likes · 9 min read

Master MongoDB Permission Management: Roles, Users, and Best Practices

Ctrip Technology

Nov 1, 2016 · Information Security

Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java

The article explains Java serialization and deserialization concepts, provides sample code for serializing a string to a file and restoring it, describes how insecure deserialization leads to remote code execution vulnerabilities illustrated by ActiveMQ, JBoss and Jenkins cases, and outlines mitigation techniques such as class whitelisting, encryption, and using transient fields.

DeserializationJavaMitigation

0 likes · 7 min read

Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java

ITPUB

Oct 31, 2016 · Information Security

Uncovering Linux Buffer Overflow Exploits: Stack Frames, Code Samples, and Defense

This article explains Linux process address space layout and stack‑frame structure, demonstrates a classic buffer‑overflow attack with full source code and compilation steps, analyzes how the exploit gains root privileges, and discusses why modern compilers and shells affect the attack's success.

ExploitSecuritybuffer overflow

0 likes · 15 min read

Uncovering Linux Buffer Overflow Exploits: Stack Frames, Code Samples, and Defense

Ctrip Technology

Oct 24, 2016 · Information Security

User Password Encryption and Cracking Techniques

This article explains common user password storage methods, compares their security characteristics, and details various cracking approaches—including hash collisions, rainbow tables, and advanced algorithms like PBKDF2, bcrypt, and scrypt—while emphasizing the importance of strong encryption to mitigate data breach risks.

HashingPBKDF2Security

0 likes · 8 min read

User Password Encryption and Cracking Techniques

ITPUB

Oct 23, 2016 · Information Security

10 Clever Linux Commands to Generate Strong Random Passwords

This guide walks through ten distinct Linux command‑line techniques—including date hashing, /dev/urandom filtering, OpenSSL, tr, strings, dd, and custom shell functions—to quickly produce secure, random passwords of configurable length for any environment.

Securitypasswordrandom

0 likes · 6 min read

10 Clever Linux Commands to Generate Strong Random Passwords

Nightwalker Tech

Oct 15, 2016 · Operations

Practical Insights and Best Practices for SMS Verification and Voice Code Delivery

This discussion compiles real‑world experiences, security concerns, delivery‑rate comparisons, and operational strategies for SMS and voice verification codes, highlighting multi‑provider setups, template handling, monitoring, and mitigation of spam filtering and abuse.

SMS VerificationSecuritydelivery rate

0 likes · 8 min read

Practical Insights and Best Practices for SMS Verification and Voice Code Delivery

dbaplus Community

Oct 11, 2016 · Databases

Master MySQL: Installation, Configuration, Charset & Engine Guide

This comprehensive guide walks you through MySQL's features, table size limits, Linux installation methods, source compilation, post‑install security hardening, character‑set management, engine selection, essential commands, and password recovery techniques for robust database administration.

Character SetConfigurationInstallation

0 likes · 19 min read

Master MySQL: Installation, Configuration, Charset & Engine Guide

Architects Research Society

Oct 9, 2016 · Blockchain

Blockchain Technical Features, Business Benefits, and Adoption by Financial and Technology Companies

The article explains blockchain's core technical traits such as distributed fault tolerance, immutability and cryptographic privacy, outlines the resulting business advantages like trust, cost reduction and enhanced security, and lists major financial and tech firms that are already exploring or deploying the technology.

Cost reductionFinancial ServicesSecurity

0 likes · 5 min read

Blockchain Technical Features, Business Benefits, and Adoption by Financial and Technology Companies

MaGe Linux Operations

Oct 8, 2016 · Information Security

Beware These 9 Dangerous Linux Commands That Can Wipe Your System

This article lists nine hazardous Linux commands—including a fork bomb, misuse of /dev/null, reckless rm -rf options, dangerous mkfs usage, tar bombs, dd mishaps, malicious scripts, and deceptive source code—explaining how each can destroy data or crash a system and how to avoid them.

SecurityShell CommandsSystem Administration

0 likes · 7 min read

Beware These 9 Dangerous Linux Commands That Can Wipe Your System

ITPUB

Oct 5, 2016 · Information Security

9 Dangerous Linux Commands You Must Never Run

This guide lists nine hazardous Linux commands—including a fork bomb, risky rm options, disk‑formatting utilities, tar bombs, and deceptive scripts—explaining how they work, why they can destroy data or freeze systems, and what precautions to take to avoid catastrophic damage.

Data lossSecuritydangerous-commands

0 likes · 7 min read

9 Dangerous Linux Commands You Must Never Run

ITPUB

Oct 4, 2016 · Operations

How to Build a Resilient High‑Traffic Website: A Complete Operations Guide

This guide outlines a step‑by‑step strategy for designing a highly available, secure, and scalable website architecture, covering domain acquisition, CDN deployment, image caching, data center selection, monitoring, DDoS mitigation, redundancy, server configuration, database replication, testing environments, and operational best practices.

OperationsSecurityhigh availability

0 likes · 14 min read

How to Build a Resilient High‑Traffic Website: A Complete Operations Guide

Baidu Intelligent Testing

Sep 30, 2016 · Information Security

Android Security Testing Checklist: Network Communication, Data Storage, and Packaging

This guide outlines essential Android security testing checkpoints, covering network communication risks, data storage protections, and packaging integrity measures to help developers identify and mitigate vulnerabilities before release.

AndroidDataStorageSecurity

0 likes · 5 min read

Android Security Testing Checklist: Network Communication, Data Storage, and Packaging

Node Underground

Sep 29, 2016 · Information Security

What Critical Security Fixes Did Node.js Release on Sep 28?

On September 28 Node.js issued four security updates—including maintenance releases 0.10.47 and 0.12.16, LTS 4.6.0 Argon, and stable 6.7.0—addressing multiple CVEs such as wildcard certificate validation, HTTP header validation, OCSP extension misuse, and the SWEET32 attack, and urging users to upgrade promptly.

CVENode.jsOpenSSL

0 likes · 3 min read

What Critical Security Fixes Did Node.js Release on Sep 28?

Baidu Intelligent Testing

Sep 28, 2016 · Mobile Development

Security Checklist for Android Component Communication

This article outlines essential security checks for Android components—including Activity, WebView, BroadcastReceiver, Service, and ContentProvider—highlighting common vulnerabilities such as exported components, SSL handling, saved passwords, implicit intents, and unsafe broadcast APIs, and provides practical code examples and mitigation steps.

AndroidBroadcastReceiverComponent

0 likes · 7 min read

Security Checklist for Android Component Communication

Tencent TDS Service

Sep 22, 2016 · Fundamentals

How Android’s Linker Loads and Links Native .so Files (and What It Means for Packing)

This article explains Android's linker workflow for loading and linking native .so libraries, detailing the do_dlopen sequence, ELF parsing, memory mapping, soinfo allocation, relocation handling, and constructor calls, and concludes with a brief overview of common SO packing techniques.

AndroidELFLinker

0 likes · 19 min read

How Android’s Linker Loads and Links Native .so Files (and What It Means for Packing)

Architects Research Society

Sep 12, 2016 · Information Security

Intro to Computer and Network Security: Curated Learning Resources

This guide compiles essential papers, tools, virtual machines, datasets, and training sites to help learners deepen their understanding of computer and network security through both theoretical study and hands‑on practice.

ForensicsLearning ResourcesSecurity

0 likes · 6 min read

Intro to Computer and Network Security: Curated Learning Resources

Node Underground

Sep 10, 2016 · Information Security

Beware the 4 Evil Regex Patterns That Can Crash Your Node.js App

The article highlights four dangerous regular expression patterns that can cause severe performance degradation in Node.js, turning millisecond operations into minutes, potentially leading to timeouts, event‑loop blocking, and broader security risks, and points to additional encoding and cookie safety recommendations.

Securitydenial-of-serviceperformance

0 likes · 2 min read

Beware the 4 Evil Regex Patterns That Can Crash Your Node.js App

Node Underground

Aug 31, 2016 · Information Security

How Global Hook Injection Threatens Node.js Apps and How to Defend

Understanding the nature of security blind spots, this article explains how malicious modules can attach global hooks to inject arbitrary code into Node.js applications, highlighting the risks of module imports and offering insight into protecting against such injection attacks.

Code InjectionNode.jsSecurity

0 likes · 1 min read

How Global Hook Injection Threatens Node.js Apps and How to Defend

ITPUB

Aug 31, 2016 · Cloud Native

Master Decentralized Governance, Service Discovery, and Fault Tolerance in Cloud‑Native Microservices

This article explains how microservices adopt decentralized governance, outlines service registration and discovery mechanisms, details Docker and Kubernetes deployment strategies, describes security using OAuth2/OpenID, discusses transaction handling and fault‑tolerance patterns such as circuit breaking and timeouts, providing practical guidance for building robust cloud‑native systems.

Cloud NativeDockerKubernetes

0 likes · 12 min read

Master Decentralized Governance, Service Discovery, and Fault Tolerance in Cloud‑Native Microservices

360 Quality & Efficiency

Aug 29, 2016 · Information Security

Android Security Testing Guide

This guide explains how to use APKTool to decompile Android apps, inspect the AndroidManifest.xml for exposed components, and employ the Drozer framework to enumerate packages, assess component exposure, detect content provider leaks, SQL injection, file traversal, and service vulnerabilities.

APKToolAndroidDrozer

0 likes · 5 min read

Qunar Tech Salon

Aug 13, 2016 · Information Security

Android App Security Risks and Protection Strategies Presented at Qunar Tech Carnival

The article outlines common Android security vulnerabilities such as unprotected resources, easily decompiled Java and native code, and proposes protection measures like resource obfuscation, code encryption, native code hardening, and introduces the Qotector platform for APK analysis and reinforcement.

APK analysisMobile SecuritySecurity

0 likes · 7 min read

Android App Security Risks and Protection Strategies Presented at Qunar Tech Carnival

Qunar Tech Salon

Jul 21, 2016 · Information Security

Exploiting Premium Phone Numbers to Steal Money from Instagram, Google, and Microsoft

The article details how attackers exploit premium phone numbers in Instagram, Google, and Microsoft’s two‑factor authentication to generate automated voice calls, earn money per call, and how the vulnerabilities were reported, mitigated, and rewarded through bug‑bounty programs.

Bug BountyGoogleMicrosoft

0 likes · 13 min read

Exploiting Premium Phone Numbers to Steal Money from Instagram, Google, and Microsoft

High Availability Architecture

Jul 15, 2016 · Backend Development

High‑Availability Architecture for Weibo Paid Reading and Tipping Services

The article describes the high‑availability, high‑concurrency backend architecture of Weibo's paid reading and tipping platform, covering layered design, database sharding, asynchronous processing, monitoring, idempotency, distributed transaction handling, and security measures for a large‑scale internet‑finance system.

BackendIdempotencySecurity

0 likes · 8 min read

High‑Availability Architecture for Weibo Paid Reading and Tipping Services

AI Cyberspace

Jul 8, 2016 · Information Security

How CVE‑2016‑4971 Lets Attackers Hijack wget to Install Rootkits

The CVE‑2016‑4971 vulnerability in older wget versions allows attackers to redirect HTTP downloads to malicious FTP resources, causing hidden .bash_profile files to be written and executed, which can grant full host compromise and rootkit installation.

CVE-2016-4971RootkitSecurity

0 likes · 5 min read

How CVE‑2016‑4971 Lets Attackers Hijack wget to Install Rootkits

Qunar Tech Salon

Jul 6, 2016 · Information Security

Thirteen Ways Containers Are More Secure Than Virtual Machines

The article explains why containers offer stronger security than virtual machines by detailing thirteen best‑practice features such as disabling SSH, limiting ports, short‑lived containers, immutable designs, automated patching, and comprehensive scanning and logging strategies.

ContainersDevOpsIsolation

0 likes · 5 min read

Thirteen Ways Containers Are More Secure Than Virtual Machines

Efficient Ops

Jul 4, 2016 · Operations

What the 5th Annual DevOps Report Reveals About ROI, Culture, and Performance

The fifth‑year DevOps report, based on surveys of over 4,600 global professionals, shows how high‑performing organizations achieve dramatically faster deployments, higher employee loyalty, better quality and security, and substantial cost savings, while highlighting the ROI of DevOps investments and cultural transformation.

DevOpsEmployee loyaltyIT performance

0 likes · 15 min read

What the 5th Annual DevOps Report Reveals About ROI, Culture, and Performance

AI Cyberspace

Jul 4, 2016 · Information Security

Master Linux Auditing: Essential Commands and Log Analysis Techniques

This guide explains essential Linux audit commands, log‑viewing techniques, user and process inspection methods, and additional checks such as file integrity, network monitoring, cron jobs, and backdoor detection, providing a comprehensive toolkit for system security and operations.

Securityauditlog analysis

0 likes · 9 min read

Master Linux Auditing: Essential Commands and Log Analysis Techniques

High Availability Architecture

Jun 24, 2016 · Information Security

Xiaomi's Internet Finance Risk Control Practices: Architecture, Rules Engine, and Machine Learning

The article details Xiaomi's evolution of internet‑finance risk control—from early limit and frequency rules that cut bad‑debt by a third, through adopting the Drools rules engine for rapid deployment and gray‑release, to leveraging random‑forest machine‑learning models and extensive user profiling that reduced fraud by roughly 40%, while addressing privacy and operational challenges.

DroolsRandom ForestSecurity

0 likes · 15 min read

Xiaomi's Internet Finance Risk Control Practices: Architecture, Rules Engine, and Machine Learning

Architecture Digest

Jun 12, 2016 · Mobile Development

Key Principles of Android App Architecture: Maintainability, Extensibility, Security, and Onboarding

This article shares practical insights on Android app architecture, covering maintainability, extensibility, security, onboarding friendliness, documentation, package organization, MVC vs MVP patterns, and guidelines for selecting and encapsulating frameworks to build robust mobile applications.

AndroidMVCMVP

0 likes · 13 min read

Key Principles of Android App Architecture: Maintainability, Extensibility, Security, and Onboarding

Big Data and Microservices

May 6, 2016 · Operations

Mastering SNMP: Why It Matters and How to Deploy It on Linux

This article explains the Simple Network Management Protocol (SNMP), its purpose, advantages, core components, message structure, security features of SNMPv3, basic operations, and provides a step‑by‑step guide to installing and configuring net‑snmp on a Linux system.

SNMPSecuritylinux

0 likes · 13 min read

Mastering SNMP: Why It Matters and How to Deploy It on Linux

ITPUB

May 5, 2016 · Information Security

Understanding SQL Injection Through a Simple Robot Analogy

The article uses a warehouse‑robot analogy to illustrate how mixing user‑supplied data with commands leads to SQL injection and explains that separating commands from data via parameterized queries prevents this security flaw.

Parameterized QuerySQL injectionSecurity

0 likes · 5 min read

Understanding SQL Injection Through a Simple Robot Analogy

Big Data and Microservices

May 5, 2016 · Information Security

Essential Linux Security Audit Checklist: 11 Steps to Detect Compromise

This guide walks you through eleven systematic Linux security checks—including account inspection, log review, process analysis, file integrity, RPM verification, network monitoring, scheduled tasks, backdoor detection, kernel modules, services, and rootkit scans—to help identify potential system compromises.

ForensicsRootkitSecurity

0 likes · 6 min read

Essential Linux Security Audit Checklist: 11 Steps to Detect Compromise

Efficient Ops

May 4, 2016 · Operations

How to Build a Scalable OpenLDAP‑Based Unified Identity System for Enterprise Operations

This article walks through the evolution of a unified identity authentication system built on OpenLDAP, covering initial password‑management pain points, design decisions involving PAM and sudo, role‑based access control, multi‑IDC distributed deployment, security hardening with TLS and anti‑brute‑force measures, and practical host‑restriction techniques for reliable, secure operations.

Identity ManagementOpenLDAPPrivilege Management

0 likes · 15 min read

How to Build a Scalable OpenLDAP‑Based Unified Identity System for Enterprise Operations

Qunar Tech Salon

May 2, 2016 · Backend Development

Using JDK7 Standard Library for Flexible and Secure File Handling in Java

This article demonstrates how to leverage JDK7's standard library—Path, Paths, Files, and FileSystem—to perform flexible file operations, safe path concatenation, size‑checked reading, automatic resource management, directory traversal with FileVisitor, and security measures for preventing unsafe file access.

BackendJDK7Security

0 likes · 7 min read

Using JDK7 Standard Library for Flexible and Secure File Handling in Java

MaGe Linux Operations

Apr 29, 2016 · Information Security

How to Analyze and Recover from a Linux Rootkit Intrusion

This article walks through a real-world Linux server compromise, detailing the attack symptoms, forensic analysis steps, rootkit discovery, exploitation of an Awstats script vulnerability, and practical remediation measures to restore and harden the affected system.

AwstatsForensicsRootkit

0 likes · 14 min read

How to Analyze and Recover from a Linux Rootkit Intrusion

Java High-Performance Architecture

Apr 28, 2016 · Backend Development

Node.js 6.0 Unveiled: 4× Faster Modules, ES6 Support, and Enhanced Security

Node.js 6.0, released six months after 5.0, brings a four‑fold boost in module loading, richer documentation, broader ES6 coverage via V8 5.0, improved Buffer and filesystem APIs, and stronger security, while IBM recommends staying on the LTS 4.x until October.

LTSNode.jsSecurity

0 likes · 4 min read

Node.js 6.0 Unveiled: 4× Faster Modules, ES6 Support, and Enhanced Security

MaGe Linux Operations

Apr 21, 2016 · Information Security

Understanding SSL/TLS: From Handshake Basics to Secret Keys Explained

This article provides a comprehensive overview of SSL/TLS, covering its architecture, differences between SSL and TLS, detailed handshake steps, key exchange processes, secret generation, security considerations, proxy handling, and references, aiming to clarify the complex concepts for readers.

HandshakeSSLSecurity

0 likes · 22 min read

Understanding SSL/TLS: From Handshake Basics to Secret Keys Explained

Efficient Ops

Apr 21, 2016 · Information Security

Should Your Enterprise Join an AD Domain? Survey Results and Expert Insights

This article analyzes whether enterprises should adopt Active Directory domains by presenting a survey of 110 companies, highlighting the reasons for and against domain integration, and sharing expert opinions on the benefits, risks, and management considerations involved.

Active DirectoryDomain AdoptionManagement

0 likes · 13 min read

Should Your Enterprise Join an AD Domain? Survey Results and Expert Insights

Architects' Tech Alliance

Apr 19, 2016 · Fundamentals

An Overview of the Internet of Things (IoT): Architecture, Market Trends, Security, and Network Challenges

This article provides a comprehensive overview of the Internet of Things (IoT), covering its definition, layered architecture, rapid market growth, key application domains, data integration challenges, security concerns, and network load management, highlighting the shift from traditional IT to cloud‑enabled, sensor‑driven infrastructures.

IoTSecuritycloud computing

0 likes · 12 min read

An Overview of the Internet of Things (IoT): Architecture, Market Trends, Security, and Network Challenges

Architects' Tech Alliance

Apr 17, 2016 · Big Data

An Overview of Splunk as an IT Search Engine for Big Data Analysis

This article introduces Splunk as a specialized IT search engine for big data, detailing its data collection, indexing, analysis, reporting, security integration, scalability, and practical use cases such as operational troubleshooting, compliance auditing, and application performance monitoring.

Log ManagementSecuritySplunk

0 likes · 7 min read

An Overview of Splunk as an IT Search Engine for Big Data Analysis

Architecture Digest

Apr 13, 2016 · Information Security

HTTPS Optimization: Protocol and Configuration Best Practices

This article explains how to improve HTTPS performance and security by optimizing protocol features such as TCP Fast Open, HSTS, session resumption, OCSP stapling, False Start, and SPDY/HTTP2, discusses computational enhancements like ECC and OpenSSL upgrades, and provides practical deployment guidance for large‑scale web sites.

HTTPSSecurityTLS

0 likes · 26 min read

HTTPS Optimization: Protocol and Configuration Best Practices

21CTO

Apr 13, 2016 · Information Security

Why HTTPS Slows You Down and How It Secures Your Data

The article explains that HTTPS combines HTTP with TLS to provide encryption, authentication, and data integrity, describes TLS versions, key‑exchange algorithms such as RSA and ECDHE, and analyzes the network round‑trip and CPU overhead that HTTPS introduces, while also discussing deployment costs and optimization considerations.

HTTPSSecurityTLS

0 likes · 29 min read

Why HTTPS Slows You Down and How It Secures Your Data

21CTO

Mar 23, 2016 · Backend Development

Top 17 PHP Best Practices Every Backend Developer Should Follow

This article presents a comprehensive list of 17 essential PHP best‑practice tips—ranging from using absolute paths and custom loaders to proper output buffering, character encoding, session handling, and file permission management—to help developers write cleaner, more maintainable, and secure backend code.

Backend DevelopmentSecuritybest practices

0 likes · 13 min read

Top 17 PHP Best Practices Every Backend Developer Should Follow

dbaplus Community

Mar 15, 2016 · Databases

Unlocking Oracle 12c: Multitenant, In-Memory, and Security Features Explained

This article examines Oracle Database 12c’s key innovations—including multitenant architecture, the Database In‑Memory option, enhanced security controls, and integrated big‑data analytics—while sharing real‑world production experiences, benefits, and practical limitations for enterprises adopting cloud‑ready databases.

Database 12cIn-MemoryMultitenant

0 likes · 12 min read

Unlocking Oracle 12c: Multitenant, In-Memory, and Security Features Explained

ITPUB

Mar 14, 2016 · Information Security

How to Diagnose and Remove Hidden Malware Causing Network Flood on a Linux Server

A step‑by‑step guide shows how to identify abnormal NIC traffic, locate malicious init scripts and hidden processes, use simple shell scripts and netstat to pinpoint the offending connection, and clean a compromised Linux server to restore normal network performance.

SecuritySystem Hardeninglinux

0 likes · 10 min read

How to Diagnose and Remove Hidden Malware Causing Network Flood on a Linux Server

21CTO

Mar 8, 2016 · Backend Development

How to Build a High‑Performance, Secure Nginx Web Server on CentOS

This guide walks through why Nginx is preferred over Apache for high‑traffic sites, provides step‑by‑step instructions for compiling and installing Nginx on CentOS, and details extensive performance tuning and security hardening techniques to support tens of thousands of concurrent connections.

CentOSNginxSecurity

0 likes · 18 min read

How to Build a High‑Performance, Secure Nginx Web Server on CentOS

Efficient Ops

Mar 7, 2016 · Operations

How to Build a High‑Performance, Secure Nginx Web Server on CentOS

This guide walks through why Nginx is preferred over Apache, detailed steps to compile and install it on CentOS, and extensive configuration tweaks—including worker processes, kernel parameters, SELinux policies, and request‑filtering rules—to achieve high concurrency and robust security for production web services.

NginxSecurityWeb server

0 likes · 17 min read

ITPUB

Mar 1, 2016 · Fundamentals

Why Open‑Source Software Still Beats Proprietary Alternatives: 9 Compelling Reasons

The article outlines nine practical advantages of open‑source software—zero cost, instant availability, rapid security fixes, higher security, comprehensive community support, user‑centric customization, extended hardware lifespan, enhanced privacy, and superior overall quality—explaining why it remains a strong competitor to proprietary solutions.

CostSecuritycustomization

0 likes · 9 min read

Why Open‑Source Software Still Beats Proprietary Alternatives: 9 Compelling Reasons

WeChat Client Technology Team

Mar 1, 2016 · Mobile Development

WeChat’s 2016 Red Envelope Photo on Android: Performance, Security, and Rapid Development

This article examines how the Android team built WeChat’s 2016 Red Envelope Photo feature, covering its modular architecture, tight development timeline, performance optimizations, security measures, and controllable flow to deliver a smooth user experience.

AndroidFeature DevelopmentRed Envelope

0 likes · 11 min read

WeChat’s 2016 Red Envelope Photo on Android: Performance, Security, and Rapid Development

Architect

Feb 25, 2016 · Information Security

Proper Password Hashing: Salting, Key Stretching, and Secure Implementation

This article explains why simple password hashing is insufficient, describes common attacks such as dictionary, brute‑force, lookup‑table and rainbow‑table attacks, and provides best‑practice guidance—including random salts, CSPRNGs, key‑stretching algorithms like PBKDF2, bcrypt and scrypt—and complete PHP reference implementations.

PBKDF2PHPSecurity

0 likes · 34 min read

Proper Password Hashing: Salting, Key Stretching, and Secure Implementation

Architect

Feb 25, 2016 · Information Security

Password Hashing with PBKDF2 in C# (ASP.NET) and Ruby on Rails

The article presents complete, licensed implementations of salted PBKDF2‑SHA1 password hashing for both ASP.NET (C#) and Ruby on Rails, detailing the source code, usage methods, and verification procedures to securely store and validate passwords.

ASP.NETC#PBKDF2

0 likes · 7 min read

Password Hashing with PBKDF2 in C# (ASP.NET) and Ruby on Rails

21CTO

Feb 12, 2016 · Backend Development

Key Challenges in Building High‑Traffic Data‑Intensive Web Platforms

This article examines the critical issues of massive data handling, concurrency, file storage, relational design, indexing, distributed processing, AJAX usage, security, clustering, and OpenAPI trends that developers must address when architecting large, high‑interaction web sites.

BackendData ArchitectureDistributed Systems

0 likes · 8 min read

Key Challenges in Building High‑Traffic Data‑Intensive Web Platforms

21CTO

Feb 8, 2016 · Backend Development

10 Proven PHP Best Practices Every Developer Should Follow

This article presents ten expert‑backed PHP best practices—from choosing the right use cases and leveraging multi‑table storage for scalability, to security, caching, IDE usage, filtering functions, framework decisions, batch processing, and enabling error reporting—offering actionable guidance for building robust, high‑performance web applications.

IDEPHPSecurity

0 likes · 11 min read

10 Proven PHP Best Practices Every Developer Should Follow

Efficient Ops

Jan 26, 2016 · Operations

How Real-Time Log Analytics Transforms IT Operations

This article explains IT Operation Analytics (ITOA), its data sources, use cases, evolution of log management, and how a real‑time log search platform can improve monitoring, security, and business analysis for large‑scale IT environments.

Log AnalyticsSecuritymonitoring

0 likes · 13 min read

How Real-Time Log Analytics Transforms IT Operations

Alibaba Cloud Infrastructure

Jan 15, 2016 · Information Security

Alibaba’s Full‑Site HTTPS Deployment for E‑Commerce: Challenges, Architecture, and Performance Optimizations

The article examines Alibaba’s large‑scale rollout of full‑site HTTPS across its e‑commerce platforms, detailing the technical hurdles of performance, compatibility, and operational planning, and describing the architectural solutions and optimizations that enabled secure, high‑performance user experiences.

AlibabaFull‑Site EncryptionHTTPS

0 likes · 7 min read

Alibaba’s Full‑Site HTTPS Deployment for E‑Commerce: Challenges, Architecture, and Performance Optimizations